[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Jailkit-users] How to setup GIT properly in a jailed environment
From: |
Tom Handy |
Subject: |
Re: [Jailkit-users] How to setup GIT properly in a jailed environment |
Date: |
Fri, 4 Feb 2011 08:46:33 +0100 |
Hey Olivier,
Thanks for the quick reply. Yes commands like "uname" etc are used in the git
command scripts.
Because my jailed users are "trusted" and because they can only interact with
the git repository from their own machines. They can scp to and from the jailed
environment but can not ssh into it.
What are the risks of syncing the whole /usr/bin directory over the to the
jailed environment?
Cheers,
Tom
On Feb 3, 2011, at 10:10 PM, Olivier Sessink wrote:
> On 02/03/2011 03:34 PM, Tom Handy wrote:
>> Hi,
>>
>> I am running Jailkit v2.11 on an Unbuntu server 10.04.
>>
>> We use this server for multiple functions. At the moment we use it
>> for testing of website and running a git repository.
>>
>> We also wanted to jail the git users to that they could not actually
>> logon to the gitserver but could access it though git tools on their
>> local machine.
>>
>> STEP 1: Install git on the server& create a shared central
>> repository apt-get install git-core adduser git mkdir /var/git/
>>
>> STEP 2: Add a jailed user who can access the shared central
>> repository adduser --ingroup git username jk_jailuser -s
>> /usr/bin/git-shell -m -j /home/jail "username" cd
>> /home/jail/home/username/ mkdir git mount -o bind /var/git/ git/
>>
>> The guys were testing the system and it turns out that certain git
>> commands where not available to the jailed users. So I imported the
>> git-core libraries from /usr/lib/git-core to the jail withe the
>> following command jk_cp -j /home/jail/ /usr/lib/git-core/*
>>
>> Now for the problem... Some of these git commands use linux commands
>> like uname which just generate the "command not found" error.
>
> are these git commands scripts? if so you could read the scripts and copy the
> required binaries? Else I'm afraid you have to find them by trial and
> error....
>
> good luck..
>
> Olivier
>
> --
> Bluefish website http://bluefish.openoffice.nl/
> Blog http://oli4444.wordpress.com/
>
> _______________________________________________
> Jailkit-users mailing list
> address@hidden
> http://lists.nongnu.org/mailman/listinfo/jailkit-users